error on startup and when anything opens
C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL is either not designed to run on Windows or it contains an error. Try installing the program again using the original installation media or contact your system administrator or the software vendor for support. ......
This is the error I get on startup and when anything opens.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:10:04 AM, on 5/5/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\igfxpers.exe
C:\Program Files\Dell\MediaDirect\PCMService.exe
C:\Windows\OEM02Mon.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Windows\System32\hkcmd.exe
C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe
C:\Windows\System32\WLTRAY.EXE
C:\Program Files\AVG\AVG8\IdentityProtection\agent\Bin\AVGIDSUI.exe
C:\Program Files\AVG\AVG8\avgtray.exe
C:\Program Files\DellTPad\Apoint.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\AVG\AVG8\IdentityProtection\agent\Bin\AVGIDSMonitor.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files\Internet Explorer\iexplore.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\MediaDirect\PCMService.exe"
O4 - HKLM\..\Run: [OEM02Mon.exe] C:\Windows\OEM02Mon.exe
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [ECenter] C:\Dell\E-Center\EULALauncher.exe
O4 - HKLM\..\Run: [dscactivate] C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe
O4 - HKLM\..\Run: [DELL Webcam Manager] "C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe" /s
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\Windows\system32\WLTRAY.exe
O4 - HKLM\..\Run: [AVGIDS] "C:\Program Files\AVG\AVG8\IdentityProtection\agent\bin\AVGIDSUI.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Google Quick Search Box] "C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe" /autorun
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\sttray.exe
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe
O4 - Global Startup: QuickSet.lnk = C:\Program Files\Dell\QuickSet\quickset.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O13 - Gopher Prefix:
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL,avgrsstx.dll
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\system32\aestsrv.exe
O23 - Service: ASKService - Unknown owner - C:\Program Files\AskBarDis\bar\bin\AskService.exe
O23 - Service: ASKUpgrade - Unknown owner - C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: AVG8 Firewall (avgfws8) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgfws8.exe
O23 - Service: AVGIDSAgent - AVG - C:\Program Files\AVG\AVG8\IdentityProtection\agent\Bin\AVGIDSAgent.exe
O23 - Service: AVGIDSWatcher - AVG - C:\Program Files\AVG\AVG8\IdentityProtection\agent\Bin\AVGIDSWatcher.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: SigmaTel Audio Service (STacSV) - IDT, Inc. - C:\Windows\system32\STacSV.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\Windows\System32\WLTRYSVC.EXE
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
--
End of file - 8945 bytes
Hi,
Download DDS and save it to your desktop from here (http://www.techsupportforum.com/sectools/sUBs/dds) or here (http://download.bleepingcomputer.com/sUBs/dds.scr) or here (http://www.forospyware.com/sUBs/dds).
Disable any script blocker, and then double click dds.scr to run the tool.
When done, DDS will open two (2) logs:
DDS.txt
Attach.txt
Save both reports to your desktop. Post them back to your topic.
DDS (Ver_09-03-16.01) - NTFSx86
Run by Jeremy at 14:40:39.51 on Thu 05/07/2009
Internet Explorer: 8.0.6001.18702
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1033.18.3573.2234 [GMT -5:00]
AV: AVG Internet Security *On-access scanning enabled* (Updated)
FW: AVG Firewall *enabled*
============== Running Processes ===============
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\WLTRYSVC.EXE
C:\Windows\System32\bcmwltry.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\AVG\AVG8\IdentityProtection\agent\Bin\AVGIDSAgent.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskeng.exe
C:\Windows\system32\aestsrv.exe
C:\Program Files\AskBarDis\bar\bin\AskService.exe
C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\PROGRA~1\AVG\AVG8\avgfws8.exe
C:\Program Files\AVG\AVG8\IdentityProtection\agent\Bin\AVGIDSWatcher.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
C:\PROGRA~1\AVG\AVG8\avgam.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\STacSV.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Dell\MediaDirect\PCMService.exe
C:\Windows\OEM02Mon.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe
C:\Windows\System32\WLTRAY.EXE
C:\Program Files\AVG\AVG8\IdentityProtection\agent\Bin\AVGIDSUI.exe
C:\Program Files\AVG\AVG8\avgtray.exe
C:\Program Files\DellTPad\Apoint.exe
C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\AVG\AVG8\IdentityProtection\agent\Bin\AVGIDSMonitor.exe
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\Dwm.exe
C:\Windows\system32\WLANExt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Users\Jeremy\Desktop\dds.scr
C:\Windows\system32\wbem\wmiprvse.exe
============== Pseudo HJT Report ===============
uDefault_Page_URL = hxxp://www.msn.com
mDefault_Page_URL = hxxp://www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=4080301
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: AskBar BHO: {201f27d4-3704-41d6-89c1-aa35e39143ed} - c:\program files\askbardis\bar\bin\askBar.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg8\avgssie.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre1.6.0\bin\ssv.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: AVG Security Toolbar: {a057a204-bacc-4d26-9990-79a187e2698e} - c:\progra~1\avg\avg8\AVGTOO~1.DLL
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.1.1309.3572\swg.dll
BHO: Google Dictionary Compression sdch: {c84d72fe-e17d-4195-bb24-76c02e2e7c4e} - c:\program files\google\google toolbar\component\fastsearch_A8904FB862BD9564.dll
BHO: CBrowserHelperObject Object: {ca6319c0-31b7-401e-a518-a07c3db8f777} - c:\program files\dell\bae\BAE.dll
TB: AVG Security Toolbar: {a057a204-bacc-4d26-9990-79a187e2698e} - c:\progra~1\avg\avg8\AVGTOO~1.DLL
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar.dll
TB: Ask Toolbar: {3041d03e-fd4b-44e0-b742-2d9b88305f98} - c:\program files\askbardis\bar\bin\askBar.dll
uRun: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
uRun: [swg] c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
mRun: [<NO NAME>]
mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [PCMService] "c:\program files\dell\mediadirect\PCMService.exe"
mRun: [OEM02Mon.exe] c:\windows\OEM02Mon.exe
mRun: [ISUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start
mRun: [ISUSPM Startup] c:\progra~1\common~1\instal~1\update~1\ISUSPM.exe -startup
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [ECenter] c:\dell\e-center\EULALauncher.exe
mRun: [dscactivate] c:\program files\dell support center\gs_agent\custom\dsca.exe
mRun: [DELL Webcam Manager] "c:\program files\dell\dell webcam manager\DellWMgr.exe" /s
mRun: [Broadcom Wireless Manager UI] c:\windows\system32\WLTRAY.exe
mRun: [AVGIDS] "c:\program files\avg\avg8\identityprotection\agent\bin\AVGIDSUI.exe"
mRun: [AVG8_TRAY] c:\progra~1\avg\avg8\avgtray.exe
mRun: [Apoint] c:\program files\delltpad\Apoint.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
mRun: [Google Quick Search Box] "c:\program files\google\quick search box\GoogleQuickSearchBox.exe" /autorun
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [SigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\sttray.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\digita~1.lnk - c:\program files\digital line detect\DLG.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\quickset.lnk - c:\program files\dell\quickset\quickset.exe
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBC} - c:\program files\java\jre1.6.0\bin\npjpi160.dll
DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab
Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - c:\program files\google\google toolbar\component\fastsearch_A8904FB862BD9564.dll
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg8\avgpp.dll
Notify: igfxcui - igfxdev.dll
AppInit_DLLs: c:\progra~1\google\google~2\GOEC62~1.DLL,avgrsstx.dll
============= SERVICES / DRIVERS ===============
R0 AVGIDSErHr;AVGIDSErHr;c:\windows\system32\drivers\AVGIDSErHr.sys [2009-2-26 25608]
R0 AvgRkx86;avgrkx86.sys;c:\windows\system32\drivers\avgrkx86.sys [2009-4-15 12552]
R1 Avgfwfd;AVG network filter service;c:\windows\system32\drivers\avgfwd6x.sys [2009-4-15 23832]
R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2009-4-15 325896]
R1 AvgTdiX;AVG8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2009-4-15 108552]
R2 AESTFilters;Andrea ST Filters Service;c:\windows\system32\AEstSrv.exe [2008-3-1 73728]
R2 ASKService;ASKService;c:\program files\askbardis\bar\bin\AskService.exe [2009-4-23 464264]
R2 ASKUpgrade;ASKUpgrade;c:\program files\askbardis\bar\bin\ASKUpgrade.exe [2009-4-23 234888]
R2 avg8emc;AVG8 E-mail Scanner;c:\progra~1\avg\avg8\avgemc.exe [2009-4-24 908568]
R2 avg8wd;AVG8 WatchDog;c:\progra~1\avg\avg8\avgwdsvc.exe [2009-4-15 298776]
R2 avgfws8;AVG8 Firewall;c:\progra~1\avg\avg8\avgfws8.exe [2009-4-24 1366904]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg8\identityprotection\agent\bin\AVGIDSAgent.exe [2009-2-26 5576712]
R2 AVGIDSWatcher;AVGIDSWatcher;c:\program files\avg\avg8\identityprotection\agent\bin\AVGIDSWatcher.exe [2009-2-26 563720]
R3 AVGIDSDriver;AVGIDSDriver;c:\program files\avg\avg8\identityprotection\agent\driver\platform_vista\AVGIDSDriver.sys [2009-2-26 121352]
R3 AVGIDSFilter;AVGIDSFilter;c:\program files\avg\avg8\identityprotection\agent\driver\platform_vista\AVGIDSFilter.sys [2009-2-26 30216]
R3 AVGIDSShim;AVGIDSShim;c:\program files\avg\avg8\identityprotection\agent\driver\platform_vista\AVGIDSShim.sys [2009-2-26 29136]
R3 OEM02Dev;Creative Camera OEM002 Driver;c:\windows\system32\drivers\OEM02Dev.sys [2008-3-1 235648]
R3 OEM02Vfx;Creative Camera OEM002 Video VFX Driver;c:\windows\system32\drivers\OEM02Vfx.sys [2008-3-1 7424]
=============== Created Last 30 ================
2009-05-06 23:40 <DIR> --d----- c:\program files\MSECache
2009-05-05 14:54 <DIR> --d----- c:\program files\Microsoft CAPICOM 2.1.0.2
2009-05-05 11:19 <DIR> --d----- c:\program files\9Dragons
2009-05-05 10:50 <DIR> --d----- c:\programdata\PMB Files
2009-05-05 10:50 <DIR> --d----- c:\progra~2\PMB Files
2009-05-05 10:50 204 a------- C:\Plugins
2009-05-05 10:50 <DIR> --d----- c:\program files\Pando Networks
2009-05-04 21:23 <DIR> --d----- c:\program files\Microsoft
2009-05-04 21:23 <DIR> --d----- c:\program files\Windows Live SkyDrive
2009-05-04 21:21 <DIR> --d----- c:\program files\common files\Windows Live
2009-04-27 23:17 0 a---h--- c:\windows\system32\drivers\Msft_User_WpdFs_01_00_00.Wdf
2009-04-27 08:31 20 a------- c:\windows\system32\SYSTEM
2009-04-24 23:45 784,896 a------- c:\windows\system32\rpcrt4.dll
2009-04-24 08:56 <DIR> --d----- C:\PerfLogs
2009-04-24 08:34 <DIR> --d----- C:\bf78737a31393d7eb07eb61a39925b7d
2009-04-23 19:59 588,288 a------- c:\windows\system32\MSMPEG2VDEC.DLL
2009-04-23 19:58 671,232 a------- c:\windows\system32\dfrgui.exe
2009-04-23 19:57 506,880 a------- c:\windows\system32\MSMPEG2ENC.DLL
2009-04-23 19:56 657,408 a------- c:\windows\system32\WMVXENCD.DLL
2009-04-23 19:55 41,472 a------- c:\windows\system32\drivers\raspppoe.sys
2009-04-23 19:54 704,512 a------- c:\windows\system32\SmiEngine.dll
2009-04-23 19:54 139,264 a------- c:\windows\system32\SmiInstaller.dll
2009-04-23 19:54 129,536 a------- c:\windows\system32\sqmapi.dll
2009-04-23 19:54 218,624 a------- c:\windows\system32\wdscore.dll
2009-04-23 19:54 130,560 a------- c:\windows\system32\PkgMgr.exe
2009-04-23 19:54 246,784 a------- c:\windows\system32\drvstore.dll
2009-04-23 19:54 305,152 a------- c:\windows\system32\msdelta.dll
2009-04-23 19:54 258,560 a------- c:\windows\system32\dpx.dll
2009-04-23 19:54 35,328 a------- c:\windows\system32\mspatcha.dll
2009-04-23 15:18 <DIR> --d----- c:\program files\SecureW2
2009-04-23 14:25 <DIR> --d----- c:\programdata\Apple Computer
2009-04-23 14:25 <DIR> --d----- c:\programdata\Apple
2009-04-23 12:42 <DIR> --d----- c:\program files\AskBarDis
2009-04-23 11:18 44,032 a------- c:\windows\system32\cbsra.exe
2009-04-23 11:16 196,608 a------- c:\windows\SPInstall.etl
2009-04-23 09:57 <DIR> --d----- c:\program files\World of Warcraft.81f64ae1.temp
2009-04-22 20:15 262 a------- c:\windows\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini
2009-04-22 20:14 <DIR> --d----- c:\program files\common files\Wise Installation Wizard
2009-04-22 19:28 <DIR> --d----- c:\programdata\Google
2009-04-22 16:10 <DIR> --d----- c:\program files\Trend Micro
2009-04-21 14:04 <DIR> --d----- c:\programdata\Spybot - Search & Destroy
2009-04-21 14:04 <DIR> --d----- c:\program files\Spybot - Search & Destroy
2009-04-21 14:04 <DIR> --d----- c:\progra~2\Spybot - Search & Destroy
2009-04-21 13:43 <DIR> --d-h--- C:\$AVG8.VAULT$
2009-04-21 11:52 236 a------- c:\users\jeremy\appdata\roaming\wklnhst.dat
2009-04-21 11:24 <DIR> --d----- c:\programdata\WinZip
2009-04-21 11:14 <DIR> --d----- c:\programdata\Azureus
2009-04-21 11:14 <DIR> --d----- c:\progra~2\Azureus
2009-04-21 11:14 <DIR> --d----- c:\users\jeremy\appdata\roaming\Azureus
2009-04-21 11:13 <DIR> --d----- c:\program files\Vuze
2009-04-21 11:08 <DIR> --d----- c:\users\jeremy\appdata\roaming\ErrorFix
2009-04-21 11:07 <DIR> --d----- c:\program files\ErrorFix
2009-04-20 10:55 <DIR> --d----- c:\programdata\Microsoft Help
2009-04-20 09:40 <DIR> --d----- c:\users\jeremy\appdata\roaming\GetRightToGo
2009-04-19 00:35 <DIR> --d----- c:\program files\Adobe(1)
2009-04-17 12:29 <DIR> --d----- c:\program files\Ventrilo
2009-04-17 08:48 <DIR> --d-h--- c:\windows\msdownld.tmp
2009-04-17 08:40 269,312 a------- c:\windows\system32\es.dll
2009-04-16 14:23 <DIR> --d----- c:\windows\pss
2009-04-16 09:52 <DIR> --d----- c:\programdata\Blizzard
2009-04-16 09:52 <DIR> --d----- c:\progra~2\Blizzard
2009-04-15 19:29 <DIR> --d----- c:\program files\common files\Blizzard Entertainment
2009-04-15 19:12 <DIR> --d----- c:\program files\World of Warcraft.ca0547c5.temp
2009-04-15 18:42 161,765,820 a------- c:\windows\MEMORY.DMP
2009-04-15 18:32 <DIR> --d----- c:\program files\World of Warcraft.temp
2009-04-15 18:32 <DIR> --d----- c:\program files\common files\Blizzard Entertainment.temp
2009-04-15 18:16 <DIR> --d----- c:\programdata\Downloaded Installations
2009-04-15 18:16 <DIR> --d----- c:\progra~2\Downloaded Installations
2009-04-15 18:16 11,952 a------- c:\windows\system32\avgrsstx.dll
2009-04-15 18:16 108,552 a------- c:\windows\system32\drivers\avgtdix.sys
2009-04-15 18:16 12,552 a------- c:\windows\system32\drivers\avgrkx86.sys
2009-04-15 18:16 325,896 a------- c:\windows\system32\drivers\avgldx86.sys
2009-04-15 18:16 <DIR> --d----- c:\windows\system32\drivers\Avg
2009-04-15 18:15 23,832 a------- c:\windows\system32\drivers\avgfwd6x.sys
2009-04-15 18:15 <DIR> --d----- c:\program files\AVG
2009-04-15 18:15 <DIR> --d----- c:\programdata\avg8
2009-04-15 18:15 <DIR> --d----- c:\progra~2\avg8
2009-04-15 17:45 <DIR> --d----- c:\users\jeremy\appdata\roaming\AVG8
2009-04-15 17:31 361,984 a------- c:\windows\system32\IPSECSVC.DLL
2009-04-15 17:31 272,896 a------- c:\windows\system32\polstore.dll
2009-04-15 17:31 61,440 a------- c:\windows\system32\winipsec.dll
2009-04-15 17:31 28,672 a------- c:\windows\system32\FwRemoteSvr.dll
2009-04-15 17:30 241,152 a------- c:\windows\system32\PortableDeviceApi.dll
2009-04-15 17:30 160,768 a------- c:\windows\system32\PortableDeviceTypes.dll
2009-04-15 17:30 94,720 a------- c:\windows\system32\PortableDeviceClassExtension.dll
2009-04-15 17:27 376,832 a------- c:\windows\system32\winhttp.dll
2009-04-15 17:26 296,960 a------- c:\windows\system32\gdi32.dll
2009-04-15 17:24 212,480 a------- c:\windows\system32\drivers\mrxsmb10.sys
2009-04-15 17:23 562,176 a------- c:\windows\system32\msdtcprx.dll
2009-04-15 17:23 38,912 a------- c:\windows\system32\xolehlp.dll
2009-04-15 17:21 28,672 a------- c:\windows\system32\Apphlpdm.dll
2009-04-15 17:21 4,240,384 a------- c:\windows\system32\GameUXLegacyGDFs.dll
2009-04-15 17:21 1,695,744 a------- c:\windows\system32\gameux.dll
2009-04-15 17:20 303,616 a------- c:\windows\system32\wmpeffects.dll
2009-04-15 17:19 1,191,936 a------- c:\windows\system32\msxml3.dll
2009-04-15 17:19 2,048 a------- c:\windows\system32\msxml3r.dll
2009-04-15 17:18 2,048 a------- c:\windows\system32\tzres.dll
2009-04-15 17:16 428,544 a------- c:\windows\system32\EncDec.dll
2009-04-15 17:16 293,376 a------- c:\windows\system32\psisdecd.dll
2009-04-15 17:16 217,088 a------- c:\windows\system32\psisrndr.ax
2009-04-15 17:16 177,664 a------- c:\windows\system32\mpg2splt.ax
2009-04-15 17:16 80,896 a------- c:\windows\system32\MSNP.ax
2009-04-15 17:16 69,632 a------- c:\windows\system32\Mpeg2Data.ax
2009-04-15 17:16 57,856 a------- c:\windows\system32\MSDvbNP.ax
2009-04-15 17:15 8,147,456 a------- c:\windows\system32\wmploc.DLL
2009-04-15 17:15 7,680 a------- c:\windows\system32\spwmp.dll
2009-04-15 17:15 4,096 a------- c:\windows\system32\msdxm.ocx
2009-04-15 17:15 4,096 a------- c:\windows\system32\dxmasf.dll
2009-04-15 17:11 2,927,104 a------- c:\windows\explorer.exe
2009-04-15 17:05 6,656 a------- c:\windows\system32\kbd106n.dll
2009-04-15 17:05 927,288 a------- c:\windows\system32\winresume.exe
2009-04-15 17:05 988,216 a------- c:\windows\system32\winload.exe
2009-04-15 17:05 378,368 a------- c:\windows\system32\srcore.dll
2009-04-15 17:05 318,464 a------- c:\windows\system32\rstrui.exe
2009-04-15 17:05 46,592 a------- c:\windows\system32\setbcdlocale.dll
2009-04-15 17:05 40,960 a------- c:\windows\system32\srclient.dll
2009-04-15 17:05 19,000 a------- c:\windows\system32\kd1394.dll
2009-04-15 17:05 14,848 a------- c:\windows\system32\srdelayed.exe
2009-04-15 17:05 615,992 a------- c:\windows\system32\ci.dll
2009-04-15 17:04 3,599,328 a------- c:\windows\system32\ntkrnlpa.exe
2009-04-15 17:04 3,547,632 a------- c:\windows\system32\ntoskrnl.exe
2009-04-15 17:04 551,424 a------- c:\windows\system32\rpcss.dll
2009-04-15 17:04 666,624 a------- c:\windows\system32\printfilterpipelinesvc.exe
2009-04-15 17:04 26,112 a------- c:\windows\system32\printfilterpipelineprxy.dll
2009-04-15 17:04 183,296 a------- c:\windows\system32\sdohlp.dll
2009-04-15 17:04 54,784 a------- c:\windows\system32\iasads.dll
2009-04-15 17:04 44,032 a------- c:\windows\system32\iasdatastore.dll
2009-04-15 17:04 17,408 a------- c:\windows\system32\iashost.exe
2009-04-15 17:04 98,304 a------- c:\windows\system32\iasrecst.dll
2009-04-15 17:02 1,255,936 a------- c:\windows\system32\lsasrv.dll
2009-04-15 17:02 441,400 a------- c:\windows\system32\drivers\ksecdd.sys
2009-04-15 17:02 72,704 a------- c:\windows\system32\secur32.dll
2009-04-15 17:02 24,064 a------- c:\windows\system32\amxread.dll
2009-04-15 17:02 13,824 a------- c:\windows\system32\apilogen.dll
2009-04-15 17:02 9,728 a------- c:\windows\system32\lsass.exe
2009-04-15 17:02 712,704 a------- c:\windows\system32\WindowsCodecs.dll
2009-04-15 17:02 425,472 a------- c:\windows\system32\PhotoMetadataHandler.dll
2009-04-15 17:02 347,136 a------- c:\windows\system32\WindowsCodecsExt.dll
2009-04-15 17:01 443,392 a------- c:\windows\system32\win32spl.dll
2009-04-15 17:01 37,888 a------- c:\windows\system32\printcom.dll
2009-04-15 17:00 113,664 a------- c:\windows\system32\drivers\rmcast.sys
2009-04-15 17:00 14,848 a------- c:\windows\system32\wshrm.dll
2009-04-15 16:58 288,768 a------- c:\windows\system32\drivers\srv.sys
2009-04-15 16:56 268,288 a------- c:\windows\system32\schannel.dll
2009-04-15 16:53 622,080 a------- c:\windows\system32\icardagt.exe
2009-04-15 16:53 97,800 a------- c:\windows\system32\infocardapi.dll
2009-04-15 16:53 37,384 a------- c:\windows\system32\infocardcpl.cpl
2009-04-15 16:53 11,264 a------- c:\windows\system32\icardres.dll
2009-04-15 16:53 105,016 a------- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2009-04-15 16:53 326,160 a------- c:\windows\system32\PresentationHost.exe
2009-04-15 16:53 781,344 a------- c:\windows\system32\PresentationNative_v0300.dll
2009-04-15 16:53 43,544 a------- c:\windows\system32\PresentationHostProxy.dll
2009-04-15 16:49 22,216,704 a------- c:\windows\ocsetup_install_NetFx3.etl
2009-04-15 16:49 196,608 a------- c:\windows\ocsetup_cbs_install_NetFx3.perf
2009-04-15 16:49 65,536 a------- c:\windows\ocsetup_cbs_install_NetFx3.dpx
2009-04-15 16:46 96,760 a------- c:\windows\system32\dfshim.dll
2009-04-15 16:46 41,984 a------- c:\windows\system32\netfxperf.dll
2009-04-15 16:46 282,112 a------- c:\windows\system32\mscoree.dll
2009-04-15 16:46 158,720 a------- c:\windows\system32\mscorier.dll
2009-04-15 16:46 83,968 a------- c:\windows\system32\mscories.dll
2009-04-15 16:39 2,868,736 a------- c:\windows\system32\mf.dll
2009-04-15 16:39 98,816 a------- c:\windows\system32\mfps.dll
2009-04-15 16:39 53,248 a------- c:\windows\system32\rrinstaller.exe
2009-04-15 16:39 24,576 a------- c:\windows\system32\mfpmp.exe
2009-04-15 16:39 2,048 a------- c:\windows\system32\mferror.dll
2009-04-15 16:39 996,352 a------- c:\windows\system32\WMNetMgr.dll
2009-04-15 16:39 94,720 a------- c:\windows\system32\logagent.exe
2009-04-15 16:39 738,304 a------- c:\windows\system32\inetcomm.dll
2009-04-15 16:39 84,480 a------- c:\windows\system32\INETRES.dll
2009-04-15 16:39 1,645,568 a------- c:\windows\system32\connect.dll
2009-04-15 16:38 1,314,816 a------- c:\windows\system32\quartz.dll
2009-04-15 16:38 2,033,152 a------- c:\windows\system32\win32k.sys
2009-04-15 16:37 <DIR> --d----- c:\program files\MSXML 4.0
2009-04-15 16:37 1,334,272 a------- c:\windows\system32\msxml6.dll
2009-04-15 16:37 2,048 a------- c:\windows\system32\msxml6r.dll
2009-04-15 16:21 16 a------- c:\windows\system32\coh.cache
2009-04-15 16:11 <DIR> --d----- c:\users\Jeremy
2009-04-15 16:09 1,524,736 a------- c:\windows\system32\wucltux.dll
2009-04-15 16:09 83,456 a------- c:\windows\system32\wudriver.dll
2009-04-15 16:09 162,064 a------- c:\windows\system32\wuwebv.dll
2009-04-15 16:09 31,232 a------- c:\windows\system32\wuapp.exe
2009-04-15 16:08 <DIR> --dsh--- c:\programdata\Documents
==================== Find3M ====================
2009-05-07 09:31 143,360 a------- c:\windows\inf\infstrng.dat
2009-05-07 09:31 51,200 a------- c:\windows\inf\infpub.dat
2009-04-24 09:14 174 a--sh--- c:\program files\desktop.ini
2009-04-24 09:11 86,016 a------- c:\windows\inf\infstor.dat
2009-04-24 08:56 665,600 a------- c:\windows\inf\drvindex.dat
2009-04-24 08:45 101,888 a------- c:\windows\system32\ifxcardm.dll
2009-04-24 08:45 82,432 a------- c:\windows\system32\axaltocm.dll
2009-04-15 17:21 2,154,496 a------- c:\windows\apppatch\AcGenral.dll
2009-04-15 17:21 2,560 a------- c:\windows\apppatch\AcRes.dll
2009-04-15 17:21 541,696 a------- c:\windows\apppatch\AcLayers.dll
2009-04-15 17:21 460,288 a------- c:\windows\apppatch\AcSpecfc.dll
2009-04-15 17:21 173,056 a------- c:\windows\apppatch\AcXtrnal.dll
2009-04-15 17:21 52,736 a------- c:\windows\apppatch\iebrshim.dll
2009-04-15 17:02 40,960 a------- c:\windows\apppatch\apihex86.dll
2009-03-08 06:34 914,944 a------- c:\windows\system32\wininet.dll
2009-03-08 06:34 43,008 a------- c:\windows\system32\licmgr10.dll
2009-03-08 06:33 18,944 a------- c:\windows\system32\corpol.dll
2009-03-08 06:33 109,056 a------- c:\windows\system32\iesysprep.dll
2009-03-08 06:33 109,568 a------- c:\windows\system32\PDMSetup.exe
2009-03-08 06:33 132,608 a------- c:\windows\system32\ieUnatt.exe
2009-03-08 06:33 107,520 a------- c:\windows\system32\RegisterIEPKEYs.exe
2009-03-08 06:33 107,008 a------- c:\windows\system32\SetIEInstalledDate.exe
2009-03-08 06:33 103,936 a------- c:\windows\system32\SetDepNx.exe
2009-03-08 06:33 420,352 a------- c:\windows\system32\vbscript.dll
2009-03-08 06:32 72,704 a------- c:\windows\system32\admparse.dll
2009-03-08 06:32 71,680 a------- c:\windows\system32\iesetup.dll
2009-03-08 06:32 66,560 a------- c:\windows\system32\wextract.exe
2009-03-08 06:32 169,472 a------- c:\windows\system32\iexpress.exe
2009-03-08 06:31 34,816 a------- c:\windows\system32\imgutil.dll
2009-03-08 06:31 48,128 a------- c:\windows\system32\mshtmler.dll
2009-03-08 06:31 45,568 a------- c:\windows\system32\mshta.exe
2009-03-08 06:22 156,160 a------- c:\windows\system32\msls31.dll
2006-11-02 07:42 287,440 a------- c:\windows\inf\perflib\0409\perfi.dat
2006-11-02 07:42 287,440 a------- c:\windows\inf\perflib\0409\perfh.dat
2006-11-02 07:42 30,674 a------- c:\windows\inf\perflib\0409\perfd.dat
2006-11-02 07:42 30,674 a------- c:\windows\inf\perflib\0409\perfc.dat
2006-11-02 04:20 287,440 a------- c:\windows\inf\perflib\0000\perfi.dat
2006-11-02 04:20 287,440 a------- c:\windows\inf\perflib\0000\perfh.dat
2006-11-02 04:20 30,674 a------- c:\windows\inf\perflib\0000\perfd.dat
2006-11-02 04:20 30,674 a------- c:\windows\inf\perflib\0000\perfc.dat
2008-03-01 08:27 76 a--shr-- c:\windows\CT4CET.bin
2008-03-01 16:04 8,192 a--sh--- c:\windows\users\default\NTUSER.DAT
============= FINISH: 14:42:26.85 ===============
Hi
Post attach.txt file contents too, please.
DDS (Ver_09-03-16.01)
Microsoft® Windows Vista™ Home Premium
Boot Device: \Device\HarddiskVolume3
Install Date: 3/1/2008 7:12:22 AM
System Uptime: 5/7/2009 10:23:31 AM (4 hours ago)
Motherboard: Dell Inc. | | 0UK439
Processor: Intel(R) Core(TM)2 Duo CPU T5550 @ 1.83GHz | Microprocessor | 1833/166mhz
==== Disk Partitions =========================
C: is FIXED (NTFS) - 220 GiB total, 138.001 GiB free.
D: is FIXED (NTFS) - 10 GiB total, 5.498 GiB free.
E: is CDROM (UDF)
==== Disabled Device Manager Items =============
==== System Restore Points ===================
==== Installed Programs ======================
9Dragons
Adobe Flash Player 10 ActiveX
Adobe Reader 8.1.0
Advanced Audio FX Engine
Advanced Video FX Engine
AOL Install
Apple Software Update
AVG 8.5
AVG Identity Protection
Broadcom Management Programs
Browser Address Error Redirector
Choice Guard
Cisco EAP-FAST Module
Cisco LEAP Module
Cisco PEAP Module
Compatibility Pack for the 2007 Office system
Conexant HDA D330 MDC V.92 Modem
Dell Getting Started Guide
Dell Support Center
Dell Touchpad
Dell Webcam Center
Dell Webcam Manager
Dell Wireless WLAN Card
Digital Line Detect
EarthLink Setup Files
Google Toolbar for Internet Explorer
HijackThis 2.0.2
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Internet Service Offers Launcher
Java(TM) SE Runtime Environment 6
Laptop Integrated Webcam Driver (1.04.01.1011)
Live! Cam Avatar Creator
Live! Cam Avatar v1.0
MediaDirect
Microsoft .NET Framework 3.5 SP1
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Office Word Viewer 2003
Microsoft Visual C++ 2005 Redistributable
Microsoft Works
Modem Diagnostic Tool
Move Networks Media Player for Internet Explorer
MSVCRT
MSXML 4.0 SP2 (KB954430)
Music, Photos & Videos Launcher
NetWaiting
NetZeroInstallers
OutlookAddinSetup
Pando Media Booster
Product Documentation Launcher
QuickSet
QuickTime
Roxio Creator Audio
Roxio Creator BDAV Plugin
Roxio Creator Copy
Roxio Creator Data
Roxio Creator DE
Roxio Creator Tools
Roxio Express Labeler
Roxio MyDVD DE
Roxio Update Manager
SecureW2 EAP Suite 1.1.0 for Windows
Security Update for CAPICOM (KB931906)
Sonic Activation Module
User's Guides
Ventrilo Client
Vuze
Vuze Toolbar
Windows Live Call
Windows Live Essentials
Windows Live Sign-in Assistant
Windows Live Upload Tool
World of Warcraft
==== End Of File ===========================
Hi srock,
IMPORTANT: I notice there are signs of one or more P2P (Peer to Peer) File Sharing Programs on your computer.
Vuze
Vuze Toolbar
I'd like you to read this thread (http://forums.spybot.info/showthread.php?t=282).
Please go to Control Panel > Programs and Features and uninstall the programs listed above (in red).
Show hidden files (Vista)
-----------------
1. Open Folder Options by clicking the Start button, clicking Control Panel, clicking Appearance and Personalization, and then clicking Folder Options.
2. Click the View tab.
3. Under Advanced settings, click Show hidden files and folders, and then click OK.
Delete these folders:
c:\programdata\Azureus
c:\program files\Azureus
c:\users\jeremy\appdata\roaming\Azureus
c:\program files\Vuze
After that:
Uninstall Google Toolbar for Internet Explorer. You may install it later again.
Uninstall old Adobe Reader versions and get the latest one here (http://www.filehippo.com/download_adobe_reader/) or get Foxit Reader here (http://www.foxitsoftware.com/pdf/reader_2/down_reader.htm). Make sure you don't install the toolbar if you choose Foxit Reader!
Your Java is out of date. Older versions have vulnerabilities that malware can use to infect your system. Please follow these steps to remove older version Java components and update to the latest version...
Updating Java:
Download the latest version of Java Runtime Environment (JRE) 6 Update 13 (http://java.sun.com/javase/downloads/index.jsp).
Click the Download button to the right.
Select Windows on platform combobox and check the box that says: Accept License Agreement. Click continue.
The page will refresh.
Click on the link to download Windows Offline Installation with or without Multi-language and save to your desktop.
Close any programs you may have running - especially your web browser.
Go to Start > Control Panel, double-click on Add/Remove programs and remove all older versions of Java.
Check any item with Java Runtime Environment (JRE or J2SE) in the name.
Click the Remove or Change/Remove button.
Repeat as many times as necessary to remove each Java version.
Reboot your computer once all Java components are removed.
Then from your desktop double-click on jre-6u13-windows-i586-p.exe to install the newest version. Uncheck MSN toolbar if it's offered there.
Kaspersky Online Scanner (http://www.kaspersky.com/virusscanner)
Note: If you are using Windows Vista, open your browser by right-clicking on its icon and select 'Run as administrator' to perform this scan.
Read the requirements and privacy statement then click on the Accept button.
The program will launch and start to download the latest definition files.
You will be prompted to install an application from Kaspersky. Click Run.
Make sure these boxes are checked (ticked). If they are not, please tick them and click on the Save button:
Spyware, Adware, Dialers, and other potentially dangerous programs
Archives
Click on My Computer under Scan.
Once the scan is complete, it will display the results. Click on View Scan Report.
Click on Save Report As....
Change the Files of type to Text file (.txt) before clicking on the Save button.
Save this report to a convenient place.
Copy and paste that information into your topic. Reboot and post a fresh dds.txt log too. Did you still get the error at the startup after doing all those steps listed above?
The scan will take a while so be patient and let it run. As it scans your machine very deeply it could take hours to complete, Kaspersky suggests running it during a time of low activity.
If you need a tutorial, see here (http://i275.photobucket.com/albums/jj285/Bleeping/KAS/KAS9.gif)
--------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER 7.0 REPORT
Saturday, May 9, 2009
Operating System: Microsoft Windows Vista Home Premium Edition, 32-bit Service Pack 1 (build 6001)
Kaspersky Online Scanner version: 7.0.26.13
Program database last update: Saturday, May 09, 2009 19:04:57
Records in database: 2151722
--------------------------------------------------------------------------------
Scan settings:
Scan using the following database: extended
Scan archives: yes
Scan mail databases: yes
Scan area - My Computer:
C:\
D:\
E:\
Scan statistics:
Files scanned: 104753
Threat name: 0
Infected objects: 0
Suspicious objects: 0
Duration of the scan: 01:32:43
No malware has been detected. The scan area is clean.
The selected area was scann
________________________________________________________________
DDS (Ver_09-03-16.01) - NTFSx86
Run by Jeremy at 16:22:01.90 on Sat 05/09/2009
Internet Explorer: 8.0.6001.18702
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1033.18.3573.1974 [GMT -5:00]
AV: AVG Internet Security *On-access scanning enabled* (Updated)
FW: AVG Firewall *enabled*
============== Running Processes ===============
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\WLTRYSVC.EXE
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\bcmwltry.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\AVG\AVG8\IdentityProtection\agent\Bin\AVGIDSAgent.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\aestsrv.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\PROGRA~1\AVG\AVG8\avgfws8.exe
C:\Program Files\AVG\AVG8\IdentityProtection\agent\Bin\AVGIDSWatcher.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\igfxpers.exe
C:\Program Files\Dell\MediaDirect\PCMService.exe
C:\Windows\OEM02Mon.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\PROGRA~1\AVG\AVG8\avgam.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe
C:\Windows\System32\WLTRAY.EXE
C:\Program Files\AVG\AVG8\IdentityProtection\agent\Bin\AVGIDSUI.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\DellTPad\Apoint.exe
C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe
C:\Windows\system32\STacSV.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\AVG\AVG8\IdentityProtection\agent\Bin\AVGIDSMonitor.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Users\Jeremy\Desktop\dds.scr
C:\Windows\system32\wbem\wmiprvse.exe
============== Pseudo HJT Report ===============
uDefault_Page_URL = hxxp://www.msn.com
mDefault_Page_URL = hxxp://www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=4080301
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg8\avgssie.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: AVG Security Toolbar: {a057a204-bacc-4d26-9990-79a187e2698e} - c:\progra~1\avg\avg8\AVGTOO~1.DLL
BHO: Google Dictionary Compression sdch: {c84d72fe-e17d-4195-bb24-76c02e2e7c4e} - c:\program files\google\google toolbar\component\fastsearch_A8904FB862BD9564.dll
BHO: CBrowserHelperObject Object: {ca6319c0-31b7-401e-a518-a07c3db8f777} - c:\program files\dell\bae\BAE.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
TB: AVG Security Toolbar: {a057a204-bacc-4d26-9990-79a187e2698e} - c:\progra~1\avg\avg8\AVGTOO~1.DLL
uRun: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
mRun: [<NO NAME>]
mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [PCMService] "c:\program files\dell\mediadirect\PCMService.exe"
mRun: [OEM02Mon.exe] c:\windows\OEM02Mon.exe
mRun: [ISUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start
mRun: [ISUSPM Startup] c:\progra~1\common~1\instal~1\update~1\ISUSPM.exe -startup
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [ECenter] c:\dell\e-center\EULALauncher.exe
mRun: [dscactivate] c:\program files\dell support center\gs_agent\custom\dsca.exe
mRun: [DELL Webcam Manager] "c:\program files\dell\dell webcam manager\DellWMgr.exe" /s
mRun: [Broadcom Wireless Manager UI] c:\windows\system32\WLTRAY.exe
mRun: [AVGIDS] "c:\program files\avg\avg8\identityprotection\agent\bin\AVGIDSUI.exe"
mRun: [AVG8_TRAY] c:\progra~1\avg\avg8\avgtray.exe
mRun: [Apoint] c:\program files\delltpad\Apoint.exe
mRun: [Google Quick Search Box] "c:\program files\google\quick search box\GoogleQuickSearchBox.exe" /autorun
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [SigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\sttray.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\digita~1.lnk - c:\program files\digital line detect\DLG.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\quickset.lnk - c:\program files\dell\quickset\quickset.exe
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} -
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg8\avgpp.dll
Notify: igfxcui - igfxdev.dll
AppInit_DLLs: c:\progra~1\google\google~2\GOEC62~1.DLL,avgrsstx.dll
============= SERVICES / DRIVERS ===============
R0 AVGIDSErHr;AVGIDSErHr;c:\windows\system32\drivers\AVGIDSErHr.sys [2009-2-26 25608]
R0 AvgRkx86;avgrkx86.sys;c:\windows\system32\drivers\avgrkx86.sys [2009-4-15 12552]
R1 Avgfwfd;AVG network filter service;c:\windows\system32\drivers\avgfwd6x.sys [2009-4-15 23832]
R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2009-4-15 325896]
R1 AvgTdiX;AVG8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2009-4-15 108552]
R2 AESTFilters;Andrea ST Filters Service;c:\windows\system32\AEstSrv.exe [2008-3-1 73728]
R2 avg8emc;AVG8 E-mail Scanner;c:\progra~1\avg\avg8\avgemc.exe [2009-4-24 908568]
R2 avg8wd;AVG8 WatchDog;c:\progra~1\avg\avg8\avgwdsvc.exe [2009-4-15 298776]
R2 avgfws8;AVG8 Firewall;c:\progra~1\avg\avg8\avgfws8.exe [2009-4-24 1366904]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg8\identityprotection\agent\bin\AVGIDSAgent.exe [2009-2-26 5576712]
R2 AVGIDSWatcher;AVGIDSWatcher;c:\program files\avg\avg8\identityprotection\agent\bin\AVGIDSWatcher.exe [2009-2-26 563720]
R3 AVGIDSDriver;AVGIDSDriver;c:\program files\avg\avg8\identityprotection\agent\driver\platform_vista\AVGIDSDriver.sys [2009-2-26 121352]
R3 AVGIDSFilter;AVGIDSFilter;c:\program files\avg\avg8\identityprotection\agent\driver\platform_vista\AVGIDSFilter.sys [2009-2-26 30216]
R3 AVGIDSShim;AVGIDSShim;c:\program files\avg\avg8\identityprotection\agent\driver\platform_vista\AVGIDSShim.sys [2009-2-26 29136]
R3 OEM02Dev;Creative Camera OEM002 Driver;c:\windows\system32\drivers\OEM02Dev.sys [2008-3-1 235648]
R3 OEM02Vfx;Creative Camera OEM002 Video VFX Driver;c:\windows\system32\drivers\OEM02Vfx.sys [2008-3-1 7424]
=============== Created Last 30 ================
2009-05-09 02:34 410,984 a------- c:\windows\system32\deploytk.dll
2009-05-06 23:40 <DIR> --d----- c:\program files\MSECache
2009-05-05 14:54 <DIR> --d----- c:\program files\Microsoft CAPICOM 2.1.0.2
2009-05-05 11:19 <DIR> --d----- c:\program files\9Dragons
2009-05-05 10:50 <DIR> --d----- c:\programdata\PMB Files
2009-05-05 10:50 <DIR> --d----- c:\progra~2\PMB Files
2009-05-05 10:50 204 a------- C:\Plugins
2009-05-05 10:50 <DIR> --d----- c:\program files\Pando Networks
2009-05-04 21:23 <DIR> --d----- c:\program files\Microsoft
2009-05-04 21:23 <DIR> --d----- c:\program files\Windows Live SkyDrive
2009-05-04 21:21 <DIR> --d----- c:\program files\common files\Windows Live
2009-04-27 23:17 0 a---h--- c:\windows\system32\drivers\Msft_User_WpdFs_01_00_00.Wdf
2009-04-27 08:31 20 a------- c:\windows\system32\SYSTEM
2009-04-24 23:45 784,896 a------- c:\windows\system32\rpcrt4.dll
2009-04-24 08:56 <DIR> --d----- C:\PerfLogs
2009-04-24 08:34 <DIR> --d----- C:\bf78737a31393d7eb07eb61a39925b7d
2009-04-23 19:59 588,288 a------- c:\windows\system32\MSMPEG2VDEC.DLL
2009-04-23 19:58 671,232 a------- c:\windows\system32\dfrgui.exe
2009-04-23 19:57 506,880 a------- c:\windows\system32\MSMPEG2ENC.DLL
2009-04-23 19:56 657,408 a------- c:\windows\system32\WMVXENCD.DLL
2009-04-23 19:55 41,472 a------- c:\windows\system32\drivers\raspppoe.sys
2009-04-23 19:54 704,512 a------- c:\windows\system32\SmiEngine.dll
2009-04-23 19:54 139,264 a------- c:\windows\system32\SmiInstaller.dll
2009-04-23 19:54 129,536 a------- c:\windows\system32\sqmapi.dll
2009-04-23 19:54 218,624 a------- c:\windows\system32\wdscore.dll
2009-04-23 19:54 130,560 a------- c:\windows\system32\PkgMgr.exe
2009-04-23 19:54 246,784 a------- c:\windows\system32\drvstore.dll
2009-04-23 19:54 305,152 a------- c:\windows\system32\msdelta.dll
2009-04-23 19:54 258,560 a------- c:\windows\system32\dpx.dll
2009-04-23 19:54 35,328 a------- c:\windows\system32\mspatcha.dll
2009-04-23 15:18 <DIR> --d----- c:\program files\SecureW2
2009-04-23 14:25 <DIR> --d----- c:\programdata\Apple Computer
2009-04-23 14:25 <DIR> --d----- c:\programdata\Apple
2009-04-23 11:18 44,032 a------- c:\windows\system32\cbsra.exe
2009-04-23 11:16 196,608 a------- c:\windows\SPInstall.etl
2009-04-23 09:57 <DIR> --d----- c:\program files\World of Warcraft.81f64ae1.temp
2009-04-22 20:15 262 a------- c:\windows\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini
2009-04-22 20:14 <DIR> --d----- c:\program files\common files\Wise Installation Wizard
2009-04-22 16:10 <DIR> --d----- c:\program files\Trend Micro
2009-04-21 14:04 <DIR> --d----- c:\programdata\Spybot - Search & Destroy
2009-04-21 14:04 <DIR> --d----- c:\program files\Spybot - Search & Destroy
2009-04-21 14:04 <DIR> --d----- c:\progra~2\Spybot - Search & Destroy
2009-04-21 13:43 <DIR> --d-h--- C:\$AVG8.VAULT$
2009-04-21 11:52 236 a------- c:\users\jeremy\appdata\roaming\wklnhst.dat
2009-04-21 11:24 <DIR> --d----- c:\programdata\WinZip
2009-04-21 11:08 <DIR> --d----- c:\users\jeremy\appdata\roaming\ErrorFix
2009-04-21 11:07 <DIR> --d----- c:\program files\ErrorFix
2009-04-20 10:55 <DIR> --d----- c:\programdata\Microsoft Help
2009-04-20 09:40 <DIR> --d----- c:\users\jeremy\appdata\roaming\GetRightToGo
2009-04-19 00:35 <DIR> --d----- c:\program files\Adobe(1)
2009-04-17 12:29 <DIR> --d----- c:\program files\Ventrilo
2009-04-17 08:48 <DIR> --d-h--- c:\windows\msdownld.tmp
2009-04-17 08:40 269,312 a------- c:\windows\system32\es.dll
2009-04-16 14:23 <DIR> --d----- c:\windows\pss
2009-04-16 09:52 <DIR> --d----- c:\programdata\Blizzard
2009-04-16 09:52 <DIR> --d----- c:\progra~2\Blizzard
2009-04-15 19:29 <DIR> --d----- c:\program files\common files\Blizzard Entertainment
2009-04-15 19:12 <DIR> --d----- c:\program files\World of Warcraft.ca0547c5.temp
2009-04-15 18:42 161,765,820 a------- c:\windows\MEMORY.DMP
2009-04-15 18:32 <DIR> --d----- c:\program files\World of Warcraft.temp
2009-04-15 18:32 <DIR> --d----- c:\program files\common files\Blizzard Entertainment.temp
2009-04-15 18:16 <DIR> --d----- c:\programdata\Downloaded Installations
2009-04-15 18:16 <DIR> --d----- c:\progra~2\Downloaded Installations
2009-04-15 18:16 11,952 a------- c:\windows\system32\avgrsstx.dll
2009-04-15 18:16 108,552 a------- c:\windows\system32\drivers\avgtdix.sys
2009-04-15 18:16 12,552 a------- c:\windows\system32\drivers\avgrkx86.sys
2009-04-15 18:16 325,896 a------- c:\windows\system32\drivers\avgldx86.sys
2009-04-15 18:16 <DIR> --d----- c:\windows\system32\drivers\Avg
2009-04-15 18:15 23,832 a------- c:\windows\system32\drivers\avgfwd6x.sys
2009-04-15 18:15 <DIR> --d----- c:\program files\AVG
2009-04-15 18:15 <DIR> --d----- c:\programdata\avg8
2009-04-15 18:15 <DIR> --d----- c:\progra~2\avg8
2009-04-15 17:45 <DIR> --d----- c:\users\jeremy\appdata\roaming\AVG8
2009-04-15 17:31 361,984 a------- c:\windows\system32\IPSECSVC.DLL
2009-04-15 17:31 272,896 a------- c:\windows\system32\polstore.dll
2009-04-15 17:31 61,440 a------- c:\windows\system32\winipsec.dll
2009-04-15 17:31 28,672 a------- c:\windows\system32\FwRemoteSvr.dll
2009-04-15 17:30 241,152 a------- c:\windows\system32\PortableDeviceApi.dll
2009-04-15 17:30 160,768 a------- c:\windows\system32\PortableDeviceTypes.dll
2009-04-15 17:30 94,720 a------- c:\windows\system32\PortableDeviceClassExtension.dll
2009-04-15 17:27 376,832 a------- c:\windows\system32\winhttp.dll
2009-04-15 17:26 296,960 a------- c:\windows\system32\gdi32.dll
2009-04-15 17:24 212,480 a------- c:\windows\system32\drivers\mrxsmb10.sys
2009-04-15 17:23 562,176 a------- c:\windows\system32\msdtcprx.dll
2009-04-15 17:23 38,912 a------- c:\windows\system32\xolehlp.dll
2009-04-15 17:21 28,672 a------- c:\windows\system32\Apphlpdm.dll
2009-04-15 17:21 4,240,384 a------- c:\windows\system32\GameUXLegacyGDFs.dll
2009-04-15 17:21 1,695,744 a------- c:\windows\system32\gameux.dll
2009-04-15 17:20 303,616 a------- c:\windows\system32\wmpeffects.dll
2009-04-15 17:19 1,191,936 a------- c:\windows\system32\msxml3.dll
2009-04-15 17:19 2,048 a------- c:\windows\system32\msxml3r.dll
2009-04-15 17:18 2,048 a------- c:\windows\system32\tzres.dll
2009-04-15 17:16 428,544 a------- c:\windows\system32\EncDec.dll
2009-04-15 17:16 293,376 a------- c:\windows\system32\psisdecd.dll
2009-04-15 17:16 217,088 a------- c:\windows\system32\psisrndr.ax
2009-04-15 17:16 177,664 a------- c:\windows\system32\mpg2splt.ax
2009-04-15 17:16 80,896 a------- c:\windows\system32\MSNP.ax
2009-04-15 17:16 69,632 a------- c:\windows\system32\Mpeg2Data.ax
2009-04-15 17:16 57,856 a------- c:\windows\system32\MSDvbNP.ax
2009-04-15 17:15 8,147,456 a------- c:\windows\system32\wmploc.DLL
2009-04-15 17:15 7,680 a------- c:\windows\system32\spwmp.dll
2009-04-15 17:15 4,096 a------- c:\windows\system32\msdxm.ocx
2009-04-15 17:15 4,096 a------- c:\windows\system32\dxmasf.dll
2009-04-15 17:11 2,927,104 a------- c:\windows\explorer.exe
2009-04-15 17:05 6,656 a------- c:\windows\system32\kbd106n.dll
2009-04-15 17:05 927,288 a------- c:\windows\system32\winresume.exe
2009-04-15 17:05 988,216 a------- c:\windows\system32\winload.exe
2009-04-15 17:05 378,368 a------- c:\windows\system32\srcore.dll
2009-04-15 17:05 318,464 a------- c:\windows\system32\rstrui.exe
2009-04-15 17:05 46,592 a------- c:\windows\system32\setbcdlocale.dll
2009-04-15 17:05 40,960 a------- c:\windows\system32\srclient.dll
2009-04-15 17:05 19,000 a------- c:\windows\system32\kd1394.dll
2009-04-15 17:05 14,848 a------- c:\windows\system32\srdelayed.exe
2009-04-15 17:05 615,992 a------- c:\windows\system32\ci.dll
2009-04-15 17:04 3,599,328 a------- c:\windows\system32\ntkrnlpa.exe
2009-04-15 17:04 3,547,632 a------- c:\windows\system32\ntoskrnl.exe
2009-04-15 17:04 551,424 a------- c:\windows\system32\rpcss.dll
2009-04-15 17:04 666,624 a------- c:\windows\system32\printfilterpipelinesvc.exe
2009-04-15 17:04 26,112 a------- c:\windows\system32\printfilterpipelineprxy.dll
2009-04-15 17:04 183,296 a------- c:\windows\system32\sdohlp.dll
2009-04-15 17:04 54,784 a------- c:\windows\system32\iasads.dll
2009-04-15 17:04 44,032 a------- c:\windows\system32\iasdatastore.dll
2009-04-15 17:04 17,408 a------- c:\windows\system32\iashost.exe
2009-04-15 17:04 98,304 a------- c:\windows\system32\iasrecst.dll
2009-04-15 17:02 1,255,936 a------- c:\windows\system32\lsasrv.dll
2009-04-15 17:02 441,400 a------- c:\windows\system32\drivers\ksecdd.sys
2009-04-15 17:02 72,704 a------- c:\windows\system32\secur32.dll
2009-04-15 17:02 24,064 a------- c:\windows\system32\amxread.dll
2009-04-15 17:02 13,824 a------- c:\windows\system32\apilogen.dll
2009-04-15 17:02 9,728 a------- c:\windows\system32\lsass.exe
2009-04-15 17:02 712,704 a------- c:\windows\system32\WindowsCodecs.dll
2009-04-15 17:02 425,472 a------- c:\windows\system32\PhotoMetadataHandler.dll
2009-04-15 17:02 347,136 a------- c:\windows\system32\WindowsCodecsExt.dll
2009-04-15 17:01 443,392 a------- c:\windows\system32\win32spl.dll
2009-04-15 17:01 37,888 a------- c:\windows\system32\printcom.dll
2009-04-15 17:00 113,664 a------- c:\windows\system32\drivers\rmcast.sys
2009-04-15 17:00 14,848 a------- c:\windows\system32\wshrm.dll
2009-04-15 16:58 288,768 a------- c:\windows\system32\drivers\srv.sys
2009-04-15 16:56 268,288 a------- c:\windows\system32\schannel.dll
2009-04-15 16:53 622,080 a------- c:\windows\system32\icardagt.exe
2009-04-15 16:53 97,800 a------- c:\windows\system32\infocardapi.dll
2009-04-15 16:53 37,384 a------- c:\windows\system32\infocardcpl.cpl
2009-04-15 16:53 11,264 a------- c:\windows\system32\icardres.dll
2009-04-15 16:53 105,016 a------- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2009-04-15 16:53 326,160 a------- c:\windows\system32\PresentationHost.exe
2009-04-15 16:53 781,344 a------- c:\windows\system32\PresentationNative_v0300.dll
2009-04-15 16:53 43,544 a------- c:\windows\system32\PresentationHostProxy.dll
2009-04-15 16:49 22,216,704 a------- c:\windows\ocsetup_install_NetFx3.etl
2009-04-15 16:49 196,608 a------- c:\windows\ocsetup_cbs_install_NetFx3.perf
2009-04-15 16:49 65,536 a------- c:\windows\ocsetup_cbs_install_NetFx3.dpx
2009-04-15 16:46 96,760 a------- c:\windows\system32\dfshim.dll
2009-04-15 16:46 41,984 a------- c:\windows\system32\netfxperf.dll
2009-04-15 16:46 282,112 a------- c:\windows\system32\mscoree.dll
2009-04-15 16:46 158,720 a------- c:\windows\system32\mscorier.dll
2009-04-15 16:46 83,968 a------- c:\windows\system32\mscories.dll
2009-04-15 16:39 2,868,736 a------- c:\windows\system32\mf.dll
2009-04-15 16:39 98,816 a------- c:\windows\system32\mfps.dll
2009-04-15 16:39 53,248 a------- c:\windows\system32\rrinstaller.exe
2009-04-15 16:39 24,576 a------- c:\windows\system32\mfpmp.exe
2009-04-15 16:39 2,048 a------- c:\windows\system32\mferror.dll
2009-04-15 16:39 996,352 a------- c:\windows\system32\WMNetMgr.dll
2009-04-15 16:39 94,720 a------- c:\windows\system32\logagent.exe
2009-04-15 16:39 738,304 a------- c:\windows\system32\inetcomm.dll
2009-04-15 16:39 84,480 a------- c:\windows\system32\INETRES.dll
2009-04-15 16:39 1,645,568 a------- c:\windows\system32\connect.dll
2009-04-15 16:38 1,314,816 a------- c:\windows\system32\quartz.dll
2009-04-15 16:38 2,033,152 a------- c:\windows\system32\win32k.sys
2009-04-15 16:37 <DIR> --d----- c:\program files\MSXML 4.0
2009-04-15 16:37 1,334,272 a------- c:\windows\system32\msxml6.dll
2009-04-15 16:37 2,048 a------- c:\windows\system32\msxml6r.dll
2009-04-15 16:21 16 a------- c:\windows\system32\coh.cache
2009-04-15 16:11 <DIR> --d----- c:\users\Jeremy
2009-04-15 16:09 1,524,736 a------- c:\windows\system32\wucltux.dll
2009-04-15 16:09 83,456 a------- c:\windows\system32\wudriver.dll
2009-04-15 16:09 162,064 a------- c:\windows\system32\wuwebv.dll
2009-04-15 16:09 31,232 a------- c:\windows\system32\wuapp.exe
2009-04-15 16:08 <DIR> --dsh--- c:\programdata\Documents
==================== Find3M ====================
2009-05-07 09:31 143,360 a------- c:\windows\inf\infstrng.dat
2009-05-07 09:31 51,200 a------- c:\windows\inf\infpub.dat
2009-04-24 09:14 174 a--sh--- c:\program files\desktop.ini
2009-04-24 09:11 86,016 a------- c:\windows\inf\infstor.dat
2009-04-24 08:56 665,600 a------- c:\windows\inf\drvindex.dat
2009-04-24 08:45 101,888 a------- c:\windows\system32\ifxcardm.dll
2009-04-24 08:45 82,432 a------- c:\windows\system32\axaltocm.dll
2009-04-15 17:21 2,154,496 a------- c:\windows\apppatch\AcGenral.dll
2009-04-15 17:21 2,560 a------- c:\windows\apppatch\AcRes.dll
2009-04-15 17:21 541,696 a------- c:\windows\apppatch\AcLayers.dll
2009-04-15 17:21 460,288 a------- c:\windows\apppatch\AcSpecfc.dll
2009-04-15 17:21 173,056 a------- c:\windows\apppatch\AcXtrnal.dll
2009-04-15 17:21 52,736 a------- c:\windows\apppatch\iebrshim.dll
2009-04-15 17:02 40,960 a------- c:\windows\apppatch\apihex86.dll
2009-03-08 06:34 914,944 a------- c:\windows\system32\wininet.dll
2009-03-08 06:34 43,008 a------- c:\windows\system32\licmgr10.dll
2009-03-08 06:33 18,944 a------- c:\windows\system32\corpol.dll
2009-03-08 06:33 109,056 a------- c:\windows\system32\iesysprep.dll
2009-03-08 06:33 109,568 a------- c:\windows\system32\PDMSetup.exe
2009-03-08 06:33 132,608 a------- c:\windows\system32\ieUnatt.exe
2009-03-08 06:33 107,520 a------- c:\windows\system32\RegisterIEPKEYs.exe
2009-03-08 06:33 107,008 a------- c:\windows\system32\SetIEInstalledDate.exe
2009-03-08 06:33 103,936 a------- c:\windows\system32\SetDepNx.exe
2009-03-08 06:33 420,352 a------- c:\windows\system32\vbscript.dll
2009-03-08 06:32 72,704 a------- c:\windows\system32\admparse.dll
2009-03-08 06:32 71,680 a------- c:\windows\system32\iesetup.dll
2009-03-08 06:32 66,560 a------- c:\windows\system32\wextract.exe
2009-03-08 06:32 169,472 a------- c:\windows\system32\iexpress.exe
2009-03-08 06:31 34,816 a------- c:\windows\system32\imgutil.dll
2009-03-08 06:31 48,128 a------- c:\windows\system32\mshtmler.dll
2009-03-08 06:31 45,568 a------- c:\windows\system32\mshta.exe
2009-03-08 06:22 156,160 a------- c:\windows\system32\msls31.dll
2006-11-02 07:42 287,440 a------- c:\windows\inf\perflib\0409\perfi.dat
2006-11-02 07:42 287,440 a------- c:\windows\inf\perflib\0409\perfh.dat
2006-11-02 07:42 30,674 a------- c:\windows\inf\perflib\0409\perfd.dat
2006-11-02 07:42 30,674 a------- c:\windows\inf\perflib\0409\perfc.dat
2006-11-02 04:20 287,440 a------- c:\windows\inf\perflib\0000\perfi.dat
2006-11-02 04:20 287,440 a------- c:\windows\inf\perflib\0000\perfh.dat
2006-11-02 04:20 30,674 a------- c:\windows\inf\perflib\0000\perfd.dat
2006-11-02 04:20 30,674 a------- c:\windows\inf\perflib\0000\perfc.dat
2008-03-01 08:27 76 a--shr-- c:\windows\CT4CET.bin
2008-03-01 16:04 8,192 a--sh--- c:\windows\users\default\NTUSER.DAT
============= FINISH: 16:23:17.03 ===============
_________________________________________________________________
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
DDS (Ver_09-03-16.01)
Microsoft® Windows Vista™ Home Premium
Boot Device: \Device\HarddiskVolume3
Install Date: 3/1/2008 7:12:22 AM
System Uptime: 5/9/2009 7:12:13 AM (9 hours ago)
Motherboard: Dell Inc. | | 0UK439
Processor: Intel(R) Core(TM)2 Duo CPU T5550 @ 1.83GHz | Microprocessor | 1833/166mhz
==== Disk Partitions =========================
C: is FIXED (NTFS) - 220 GiB total, 138.149 GiB free.
D: is FIXED (NTFS) - 10 GiB total, 5.498 GiB free.
E: is CDROM (UDF)
==== Disabled Device Manager Items =============
==== System Restore Points ===================
RP58: 4/27/2009 9:45:23 PM - Scheduled Checkpoint
RP60: 4/30/2009 9:35:30 AM - Avg8 Update
RP61: 5/1/2009 8:41:28 AM - Windows Update
RP62: 5/4/2009 1:48:10 PM - Windows Update
RP63: 5/5/2009 11:17:59 AM - Installed 9Dragons.
RP64: 5/5/2009 2:52:22 PM - Windows Update
RP65: 5/6/2009 8:01:20 PM - Scheduled Checkpoint
RP66: 5/6/2009 11:40:24 PM - Installed Microsoft Office Word Viewer 2003
RP67: 5/6/2009 11:44:29 PM - Installed Compatibility Pack for the 2007 Office system
RP68: 5/7/2009 9:00:02 AM - Windows Update
RP69: 5/7/2009 9:07:10 AM - Windows Update
RP70: 5/8/2009 12:10:25 PM - Windows Update
RP71: 5/8/2009 8:00:57 PM - Windows Update
RP72: 5/9/2009 2:19:00 AM - Removed Adobe Reader 8.1.0
RP73: 5/9/2009 2:23:09 AM - Installed Adobe Reader 9.1.
RP74: 5/9/2009 2:28:07 AM - Removed Java(TM) SE Runtime Environment 6
RP75: 5/9/2009 2:33:54 AM - Installed Java(TM) 6 Update 13
==== Installed Programs ======================
9Dragons
Adobe Reader 9.1
Advanced Audio FX Engine
Advanced Video FX Engine
AOL Install
Apple Software Update
AVG 8.5
AVG Identity Protection
Broadcom Management Programs
Browser Address Error Redirector
Choice Guard
Cisco EAP-FAST Module
Cisco LEAP Module
Cisco PEAP Module
Compatibility Pack for the 2007 Office system
Conexant HDA D330 MDC V.92 Modem
Dell Getting Started Guide
Dell Support Center
Dell Touchpad
Dell Webcam Center
Dell Webcam Manager
Dell Wireless WLAN Card
Digital Line Detect
EarthLink Setup Files
HijackThis 2.0.2
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Internet Service Offers Launcher
Java(TM) 6 Update 13
Laptop Integrated Webcam Driver (1.04.01.1011)
Live! Cam Avatar Creator
Live! Cam Avatar v1.0
MediaDirect
Microsoft .NET Framework 3.5 SP1
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Office Word Viewer 2003
Microsoft Visual C++ 2005 Redistributable
Microsoft Works
Modem Diagnostic Tool
Move Networks Media Player for Internet Explorer
MSVCRT
MSXML 4.0 SP2 (KB954430)
Music, Photos & Videos Launcher
NetWaiting
NetZeroInstallers
OutlookAddinSetup
Pando Media Booster
Product Documentation Launcher
QuickSet
QuickTime
Roxio Creator Audio
Roxio Creator BDAV Plugin
Roxio Creator Copy
Roxio Creator Data
Roxio Creator DE
Roxio Creator Tools
Roxio Express Labeler
Roxio MyDVD DE
Roxio Update Manager
SecureW2 EAP Suite 1.1.0 for Windows
Security Update for CAPICOM (KB931906)
Sonic Activation Module
User's Guides
Ventrilo Client
Windows Live Call
Windows Live Essentials
Windows Live Sign-in Assistant
Windows Live Upload Tool
World of Warcraft
==== Event Viewer Messages From Past Week ========
5/9/2009 2:19:36 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect.
5/9/2009 2:19:36 AM, Error: Service Control Manager [7000] - The Windows Search service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
5/9/2009 2:19:36 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
5/8/2009 7:44:51 PM, Error: EventLog [6008] - The previous system shutdown at 7:43:59 PM on 5/8/2009 was unexpected.
5/8/2009 3:45:39 PM, Error: Microsoft-Windows-Kernel-General [5] - {Registry Hive Recovered} Registry hive (file): '\SystemRoot\System32\Config\RegBack\SOFTWARE' was corrupted and it has been recovered. Some data might have been lost.
5/7/2009 3:15:41 PM, Error: Microsoft-Windows-Dhcp-Client [1002] - The IP address lease 192.168.0.101 for the Network Card with network address 001E4CC1A65A has been denied by the DHCP server 1.1.1.1 (The DHCP Server sent a DHCPNACK message).
5/6/2009 4:23:35 PM, Error: EventLog [6008] - The previous system shutdown at 4:22:27 PM on 5/6/2009 was unexpected.
5/6/2009 11:56:52 AM, Error: Server [2505] - The server could not bind to the transport \Device\NetBT_Tcpip_{C27A0E32-A579-40B7-B7A6-68739B1DC8A3} because another computer on the network has the same name. The server could not start.
5/6/2009 11:56:52 AM, Error: netbt [4321] - The name "JEREMY-PC :20" could not be registered on the interface with IP address 134.129.56.190. The computer with the IP address 134.129.111.178 did not allow the name to be claimed by this computer.
5/6/2009 11:56:52 AM, Error: netbt [4321] - The name "JEREMY-PC :0" could not be registered on the interface with IP address 134.129.56.190. The computer with the IP address 134.129.111.178 did not allow the name to be claimed by this computer.
5/5/2009 5:45:57 PM, Error: Service Control Manager [7034] - The Diagnostic System Host service terminated unexpectedly. It has done this 1 time(s).
5/5/2009 5:45:57 PM, Error: Service Control Manager [7031] - The WLAN AutoConfig service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
5/5/2009 5:45:57 PM, Error: Service Control Manager [7031] - The Wired AutoConfig service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
5/5/2009 5:45:57 PM, Error: Service Control Manager [7031] - The Windows Driver Foundation - User-mode Driver Framework service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
5/5/2009 5:45:57 PM, Error: Service Control Manager [7031] - The Windows Audio Endpoint Builder service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
5/5/2009 5:45:57 PM, Error: Service Control Manager [7031] - The Tablet PC Input Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
5/5/2009 5:45:57 PM, Error: Service Control Manager [7031] - The Superfetch service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
5/5/2009 5:45:57 PM, Error: Service Control Manager [7031] - The ReadyBoost service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
5/5/2009 5:45:57 PM, Error: Service Control Manager [7031] - The Program Compatibility Assistant Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
5/5/2009 5:45:57 PM, Error: Service Control Manager [7031] - The Portable Device Enumerator Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
5/5/2009 5:45:57 PM, Error: Service Control Manager [7031] - The Network Connections service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 100 milliseconds: Restart the service.
5/5/2009 5:45:57 PM, Error: Service Control Manager [7031] - The Distributed Link Tracking Client service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
5/5/2009 5:45:57 PM, Error: Service Control Manager [7031] - The Desktop Window Manager Session Manager service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
5/5/2009 2:55:43 PM, Error: Microsoft-Windows-Kernel-General [5] - {Registry Hive Recovered} Registry hive (file): '\??\C:\Users\Jeremy\AppData\Local\Microsoft\Windows\UsrClass.dat' was corrupted and it has been recovered. Some data might have been lost.
5/5/2009 2:28:25 PM, Error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
5/4/2009 9:04:32 PM, Error: Ntfs [55] - The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume OS.
5/4/2009 1:27:36 PM, Error: EventLog [6008] - The previous system shutdown at 12:32:48 PM on 5/4/2009 was unexpected.
5/3/2009 1:30:35 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the avg8wd service.
5/2/2009 8:32:31 AM, Error: Service Control Manager [7000] - The BCM42RLY service failed to start due to the following error: The system cannot find the file specified.
5/2/2009 1:01:01 PM, Error: EventLog [6008] - The previous system shutdown at 12:59:34 PM on 5/2/2009 was unexpected.
==== End Of File ===========================
Hi
Do you still get that error on startup?
Yes, the error is still there. On startup there are about 25 errors or bad image errors that I have to hit OK on before it completely loads. It also happens when I try to open any program. Everything seems to be working fine when I just hit OK, but I worry that something is infected.
Hi again,
Start hjt (right-click HijackThis.exe and select 'run as administrator'), do a system scan only, and check (if found):
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O4 - HKLM\..\Run: [Google Quick Search Box] "C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe" /autorun
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} -
Close browsers and fix checked.
Delete C:\Program Files\Google folder if found.
_____
Download ERUNT (http://www.softpedia.com/get/Tweak/Registry-Tweak/Erunt-g.shtml)
Save it to your desktop. Run and install this program.
In the box that opens ONLY choose
System registry.
Then click OK.
Click save and then go to File > Exit.
This is so the registry can be restored to this point if we need it. It may take a minute. Just let it go until it's done.
Save the text below as fix.reg in Notepad (save it as all files (*.*)) on the Desktop.
REGEDIT4

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"="avgrsstx.dll"
It should look like this -> http://users.telenet.be/bluepatchy/miekiemoes/images/reg.gif
Double-click fix.reg, press Yes and OK.
Reboot and post a fresh hjt log. Still getting errors?
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:10:04 AM, on 5/5/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\igfxpers.exe
C:\Program Files\Dell\MediaDirect\PCMService.exe
C:\Windows\OEM02Mon.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Windows\System32\hkcmd.exe
C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe
C:\Windows\System32\WLTRAY.EXE
C:\Program Files\AVG\AVG8\IdentityProtection\agent\Bin\AVGIDSUI.exe
C:\Program Files\AVG\AVG8\avgtray.exe
C:\Program Files\DellTPad\Apoint.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\AVG\AVG8\IdentityProtection\agent\Bin\AVGIDSMonitor.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files\Internet Explorer\iexplore.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\MediaDirect\PCMService.exe"
O4 - HKLM\..\Run: [OEM02Mon.exe] C:\Windows\OEM02Mon.exe
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [ECenter] C:\Dell\E-Center\EULALauncher.exe
O4 - HKLM\..\Run: [dscactivate] C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe
O4 - HKLM\..\Run: [DELL Webcam Manager] "C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe" /s
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\Windows\system32\WLTRAY.exe
O4 - HKLM\..\Run: [AVGIDS] "C:\Program Files\AVG\AVG8\IdentityProtection\agent\bin\AVGIDSUI.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Google Quick Search Box] "C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe" /autorun
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\sttray.exe
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe
O4 - Global Startup: QuickSet.lnk = C:\Program Files\Dell\QuickSet\quickset.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O13 - Gopher Prefix:
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL,avgrsstx.dll
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\system32\aestsrv.exe
O23 - Service: ASKService - Unknown owner - C:\Program Files\AskBarDis\bar\bin\AskService.exe
O23 - Service: ASKUpgrade - Unknown owner - C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: AVG8 Firewall (avgfws8) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgfws8.exe
O23 - Service: AVGIDSAgent - AVG - C:\Program Files\AVG\AVG8\IdentityProtection\agent\Bin\AVGIDSAgent.exe
O23 - Service: AVGIDSWatcher - AVG - C:\Program Files\AVG\AVG8\IdentityProtection\agent\Bin\AVGIDSWatcher.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: SigmaTel Audio Service (STacSV) - IDT, Inc. - C:\Windows\system32\STacSV.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\Windows\System32\WLTRYSVC.EXE
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
--
End of file - 8945 bytes
There is no error anymore. If this log looks good, everything is running normally and fine with no errors. Thanks for the help.
Hi
That seems to be an old hjt log you posted there. To get a fresh one, start hjt by right-clicking the HijackThis.exe file and selecting 'run as administrator' :) It's highly possible that those fixed entries are gone as planned, but better make sure that's the case.
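Added example, not part of the thread and not the helper's own tooling: a Python check for what the helper asks above, namely that a newly posted HijackThis log is a new scan and that the fixed entries and the extra AppInit_DLLs value are gone. OLD_LOG holds lines copied from the log in this thread; FRESH_LOG and all function names are constructed for illustration.

```python
import re

# Entries the helper asked to check and fix, as line prefixes copied from the thread.
FIXED_PREFIXES = [
    r"R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =",
    r"R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =",
    r"O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E}",
    r"O4 - HKLM\..\Run: [Google Quick Search Box]",
    r"O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377}",
]
# The only value fix.reg leaves in AppInit_DLLs.
EXPECTED_APPINIT = ["avgrsstx.dll"]

# Lines copied from the log posted in this thread (shortened).
OLD_LOG = r"""Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:10:04 AM, on 5/5/2009
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O4 - HKLM\..\Run: [Google Quick Search Box] "C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe" /autorun
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL,avgrsstx.dll
"""

# Constructed sample of a log taken after the fix (not from the thread).
FRESH_LOG = r"""Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:30:00 AM, on 5/10/2009
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O20 - AppInit_DLLs: avgrsstx.dll
"""


def scan_stamp(log):
    """Return the text after 'Scan saved at', or None if the header is missing."""
    m = re.search(r"^Scan saved at (.+)$", log, re.MULTILINE)
    return m.group(1).strip() if m else None


def appinit_dlls(log):
    """Split the O20 AppInit_DLLs value; Windows delimits it with commas or spaces."""
    m = re.search(r"^O20 - AppInit_DLLs:[ \t]*(.*)$", log, re.MULTILINE)
    if not m:
        return []
    return [p for p in re.split(r"[,\s]+", m.group(1).strip()) if p]


def leftover_entries(log):
    """Lines in the log that still match an entry the helper asked to fix."""
    prefixes = tuple(FIXED_PREFIXES)
    return [ln.strip() for ln in log.splitlines() if ln.strip().startswith(prefixes)]


def review(previous_log, new_log):
    """Compare a newly posted log against the previous one and the intended fix."""
    stamp = scan_stamp(new_log)
    return {
        # Same 'Scan saved at' header means the old log was posted again.
        "stale": stamp is not None and stamp == scan_stamp(previous_log),
        "leftover": leftover_entries(new_log),
        "unexpected_appinit": [d for d in appinit_dlls(new_log)
                               if d.lower() not in EXPECTED_APPINIT],
    }


if __name__ == "__main__":
    for name, log in (("old log reposted", OLD_LOG), ("fresh log", FRESH_LOG)):
        print(name, review(OLD_LOG, log))
```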
Due to inactivity, this thread will now be closed.
Note: If it has been four days or more since your last post, and the helper assisting you posted a response to that post to which you did not reply, your topic will not be reopened. At that point, if you still require help, please start a new topic and include a fresh HijackThis log and a link to your previous thread. Please do not add any logs that might have been requested in the closed topic; you would be starting fresh.
If it has been less than four days since your last response and you need the thread re-opened, please send me or MOD a private message (pm). A valid, working link to the closed topic is required.